In the modern office workplace, documents are now embodied in digital data files. These files are readily transmitted over digital communications networks. The typical office is comprised of several computers that share a local network connection, where all of the computers on that local connection are part of one company or, from a security perspective, one locus. The typical office work involving transactions requires sharing documents between two companies, for example, that is, a document may have to be shared between two network loci. In this case, a document may be transmitted from the local network out across a wider network to some other loci associated with the other company. The security policy of the first company may require that each document be checked prior to such a transmission outside the secure locus.
The problem faced by most computers in the office context is that an email program or other communication program is used to transmit or cause the transmission of the document as a MIME attachment, in the case of email, or in some other way relying on FTP, HTTP or other network protocols. Email is typically insecure, and transmission outside the security locus may be impermissible anyway. Therefore the security policy for each document has to be checked for each such email or other transmission. In the prior art, the email program relies on external code modules to perform the security check. These modules are typically invoked when the email program is given the command to transmit the email message. The problem with this approach is that nothing ensures the order of execution of these external code modules. As a result, this approach is prone to error and therefore is a security vulnerability.